Abstract — In the future, Radio Frequency Identification (RFID)
will become the most widely used device. Radio Frequency
Identification is an emerging technology that brings a gigantic
productivity advantage in applications where targets have to be
identified automatically in mobile and ubiquitous computing. A
primary RFID security concern is the unauthorized tracking of
RFID tags, which are world readable and so pose a risk to
both personal location privacy and corporate/military security.
Such concerns have been raised with respect to the United
States Department of Defense. More generally, privacy
organizations have shown concern in the context of ongoing efforts
to embed Electronic Product Code (EPC) RFID tags in
consumer products. To counter security threats, security
protocols play a vital role. As with any protocol, a security
protocol comprises a prescribed sequence of communication
between entities and is designed to achieve a certain goal.
The non-line-of-sight property of RFID increases convenience
and efficiency, but it also increases the system's vulnerability. In
this paper we review the existing security threats and security
protocols.

Index Terms — interrogator (reader), transponder (tag),
security threats, security protocols.

I. Introduction 

The basic concepts of radio frequency identification (RFID)
were developed during World War II, but only recently has RFID
become a ubiquitous technology in today's industry, market,
and society. RFID is the wireless use of electromagnetic (EM)
fields to transfer data for the purpose of automatically
identifying and tracking tags attached to objects. RFID has the
ability to improve efficiency and economy in every aspect, such
as access control, supply chain management, public
transportation, open-air events, airport baggage, express
parcels, logistics and many others. RFID does not have any
protection mechanism for the information stored on the tag.
Finding a solution for the security requirements of RFID has
become a major concern.

II. Security Threats For RFID 

A. Spoofing 

Spoofing is an activity whereby a counterfeit tag masquerades
as a valid tag and thereby takes an illicit advantage. Tag
cloning is a type of spoofing attack that takes the data from a
valid tag and then creates a copy of the captured data on a
blank tag.

B. Mediator attack (man in the middle) 

A man-in-the-middle attack is possible when data is
transferred between two objects. An attacker can interrupt the
communication path and manipulate the information between
the RFID components. The attacker changes the information
before it reaches the intended device.

C. Snooping 

There exists a risk when the communication between
transponder and reader takes place, which is called snooping.
Snooping takes place when a tag is being read by an
authorized RFID reader and an adversary intercepts the data with
any compliant reader for the correct tag family and frequency.
Most RFID systems use clear-text communication because of tag
memory capacity and cost, so snooping is a simple but
efficient means for attackers to obtain the information
stored in the transponder.



Figure 1. A generic RFID system 


D. Repudiation of Services 

The purpose of ROS is not to steal or modify the
information but to disable the RFID system so that it cannot
be used. Another type of ROS is to destroy or disable RFID
tags by removing them from the items or wiping out their
stored information.

E. Replay 

In this type of attack an adversary intercepts the communication
between transponder and interrogator to capture a valid
RFID signal. After some time, when the attacker receives a
query from the interrogator, this captured signal is re-entered
into the system. Since the data appears valid, it will be accepted
by the system.

F. Desynchronizing attack 

An adversary can create a desynchronized state between
interrogator and transponder by intercepting certain
transmitted data. This abnormal state can occur during the TID and
secret key update of RFID. If any one of the secret key
values in the transponder is desynchronized, the legitimate
transponder cannot be authenticated.

G. Side channel analysis 

Side channel analysis is a form of power analysis in which the
aim is to crack the password by analyzing changes in power
consumption. Power consumption patterns
are different when the tag receives incorrect and correct
password bits.

III. Security Protocol Review for RFID

A. Hash lock protocol 

The hash lock protocol uses the concept of locking and
unlocking the transponder to allow access. The hash lock
scheme requires the tag to implement a cryptographic
hash function and the back end to manage keys. The tag does
not disclose its stored information until the interrogator sends
the correct key corresponding to the meta-ID [4].



B. Enhanced Hash lock Protocol 

This enhanced protocol helps to prevent the disclosure of
the meta-ID while a tag is in lock mode. The randomized
hash lock protocol requires the transponder to compute a
one-way hash function and adds an on-board random number
generator. During the interrogation process this prevents
tracking of individuals based on meta-IDs.

Fig. Execution process of Enhanced Hash lock
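
The two schemes in subsections A and B side by side, as an added example that is not from the paper: the basic tag answers every query with the same meta-ID, while the randomized tag answers with a fresh r and H(ID || r), the usual randomized hash lock construction. SHA-256, the 16-byte key and nonce sizes, and all class and method names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def H(data: bytes) -> bytes:
    # SHA-256 stands in for the tag's one-way hash (assumption).
    return hashlib.sha256(data).digest()

class HashLockTag:
    """Basic hash lock: the tag stores metaID = H(key)."""
    def __init__(self, tag_id: bytes, key: bytes):
        self._tag_id, self._meta_id = tag_id, H(key)

    def query(self) -> bytes:
        return self._meta_id  # identical on every query, so linkable

    def unlock(self, key: bytes):
        # Stored information is released only for the matching key.
        ok = hmac.compare_digest(H(key), self._meta_id)
        return self._tag_id if ok else None

class RandomizedTag:
    """Randomized hash lock: fresh r per query, answer (r, H(ID || r))."""
    def __init__(self, tag_id: bytes):
        self._tag_id = tag_id

    def query(self):
        r = os.urandom(16)  # on-board random number generator
        return r, H(self._tag_id + r)

class Backend:
    """Back-end database: keys indexed by metaID, plus the known tag IDs."""
    def __init__(self):
        self.keys, self.ids = {}, []

    def enroll(self, tag_id: bytes) -> bytes:
        key = os.urandom(16)
        self.keys[H(key)] = key
        self.ids.append(tag_id)
        return key

    def key_for(self, meta_id: bytes):
        return self.keys.get(meta_id)

    def identify(self, r: bytes, digest: bytes):
        # Linear search over all known IDs: the cost of unlinkability.
        for tag_id in self.ids:
            if hmac.compare_digest(H(tag_id + r), digest):
                return tag_id
        return None
```

The randomized variant removes the fixed identifier an eavesdropper could use for tracking, at the price of a back-end search whose cost grows with the number of enrolled tags.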

C. Li’s Protocol 

Li's protocol is based on the XOR operation and a shared
pseudonym. This protocol uses a SID shared between the
transponder and the back-end system database, so that during each
reading the transponder challenges the interrogator with two
arbitrary numbers, which mark a segment of the SID that becomes
the partial ID.

D. Henrici and Muller’s protocol 

For low-cost RFID systems, Henrici and Muller proposed an
adequate and easy authentication protocol. This protocol
depends on a hash function embedded in the tag and a random
number generator in the back-end database to secure user
privacy information and user location privacy and to resist
the replay attack [5]. However, this protocol cannot withstand
the man-in-the-middle attack.

E. Juels' Protocol

Juels introduced the concept of multiple pseudonyms used as
one-time pads [7]. In this protocol the whole back-end database
must be searched on each reading to rule out impossible tags and
then mark the corresponding pseudonym invalid. The cut-down
version relies on most tags performing only the first
step of the protocol, so that an attacker cannot obtain useful
information but only a pseudonym. This also creates the problem
of running out of pseudonyms, because they were
statically planted into the tag before being sold.

F. SASI Protocol

This protocol is based on the same basic operations as M²AP
[8] and is called ultra-lightweight. It has three shared secret
keys and two arbitrary numbers and uses the XOR operation to
implement the encryption. The shared secret keys and random
numbers are updated each time to achieve the forward security
feature. However, it easily suffers from the de-synchronization
attack because the key update does not adopt strict limits or an
exploratory retroversion mechanism and lacks an exception
handling mechanism.

G. LPN Based Protocol 

In this protocol Juels et al. [7] proposed HB+, which is based on
the learning parity with noise (LPN) problem and employs the
binary inner product. HB+ [7] [9] repeats a basic authentication
protocol with a noise bit and accepts the tag if only a very
limited number of responses are invalid. However, this protocol
suffers from the tracking problem, the MIM problem
and violation of tag anonymity.
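
The HB+ round structure described above, as an added example that is not from the paper: the tag sends a blinding vector b, the reader a challenge a, and the tag answers z = (a·x) ⊕ (b·y) ⊕ noise; the reader accepts if few enough answers are wrong. The parameters (64-bit secrets, noise rate 0.125, 200 rounds, acceptance threshold 30%) and all names are assumptions chosen for illustration.

```python
import random

def dot(a: int, b: int) -> int:
    """Binary inner product of two bit vectors packed into integers."""
    return bin(a & b).count("1") & 1

class Tag:
    def __init__(self, x, y, k, eta, rng):
        self.x, self.y, self.k, self.eta, self.rng = x, y, k, eta, rng

    def blind(self) -> int:
        self.b = self.rng.getrandbits(self.k)  # fresh blinding vector
        return self.b

    def respond(self, a: int) -> int:
        # The noise bit is 1 with probability eta; it hides x and y
        # behind the LPN problem.
        noise = 1 if self.rng.random() < self.eta else 0
        return dot(a, self.x) ^ dot(self.b, self.y) ^ noise

def authenticate(tag, x, y, k, rounds, max_errors, rng):
    """Reader side: run `rounds` rounds and count invalid responses."""
    errors = 0
    for _ in range(rounds):
        b = tag.blind()
        a = rng.getrandbits(k)          # reader's random challenge
        z = tag.respond(a)
        if z != dot(a, x) ^ dot(b, y):  # noisy or forged answer
            errors += 1
    return errors <= max_errors, errors

def demo(seed=1):
    # Seeded PRNG for a reproducible demo only; not suitable for real keys.
    rng = random.Random(seed)
    k, eta, rounds = 64, 0.125, 200
    max_errors = int(0.3 * rounds)      # between eta and 1/2
    x, y = rng.getrandbits(k), rng.getrandbits(k)
    genuine = Tag(x, y, k, eta, rng)
    impostor = Tag(rng.getrandbits(k), rng.getrandbits(k), k, eta, rng)
    return (authenticate(genuine, x, y, k, rounds, max_errors, rng),
            authenticate(impostor, x, y, k, rounds, max_errors, rng))
```

A genuine tag fails about a fraction eta of the rounds and an impostor without the secrets about half of them, which is why the threshold sits between the two.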

H. Universal Composability Protocol 

This protocol provides a mechanism to prevent the
de-synchronization of secret key attack, and it also
provides privacy and forward security. O-FRAP uses a pseudonym
approach for privacy purposes [20]. O-FRAP can also use the
concept of key exchange [11] [15].

I. Multi Tag Scanning Protocol 

This is the first protocol that addresses the multiple tag
scanning problem. This protocol is also called yoking-proof
[12] [13]; the main idea is to let two tags sign each other in
order to prove each other's presence.

J. Distance Bounding Protocol 

This is the first protocol that addresses the mafia fraud attack
[14] [16] against RFID. The key idea behind this protocol is
simply to repeat the authentication step multiple times so that
each step can be completed in very little time.